Protecting a Post of any type (e.g., Post, Page, Product, bbPress Forum, Topic, Reply) will protect the Permalink leading to that Post. It will also protect any additional Endpoints, and any child Posts in a hierarchy. For instance, protecting a parent Page also protects any child Pages, protecting a bbPress Forum also protects all Topics/Replies in that Forum, and protecting a Page associated with BuddyPress functionality will also protect all of the BuddyPress Endpoints that add social networking functionality to your site; e.g., A Page /members
, may have Endpoints like /members/[username]/profile
, /members/[username]/settings/
, etc.
Dashboard Location
DashboardRestrictionsAdd NewProtected Posts/Pages
Here you will find a meta box that allows you to protect any kind of Post in WordPress. Most of the social networking functionality in BuddyPress is driven by a WordPress Page. A Page in WordPress is in fact another type of Post, so the Page you selected to use for 'Members' will show up in this list. By protecting the 'Members' Page, you are protecting most of the social networking functionality in BuddyPress.
Reviewing BuddyPress 'Page' Settings
It's a good idea to review your BuddyPress 'Page' Settings and make a decision about which portions of this functionality you want to make off-limits to the public. In the example above, I chose to protect everything associated with the Members Page, Activity Page, and I also protected a bbPress Forum.
Getting More Specific (URI Patterns)
If protecting the entire Page (which protects all of the Endpoints associated with that Page) is too much, then instead of using the Post/Page meta box when you create a new Restriction, you can protect specific URI Patterns.
Dashboard Location
DashboardRestrictionsAdd NewProtected URI Patterns
For instance, I can restrict access to the BuddyPress Endpoint that allows a User to change their profile photo, their cover image, and I can disable favorites too. I'm able to do this by protecting specific URI Patterns. Simply put, all you do is traverse your site and find the URIs that lead to functionality that requires a paid upgrade, and then restrict access to those URIs. See also: Protecting URI Patterns for further details.